<?php
if (!isset($_REQUEST["courseName"]))
{	die("you must choose a course");}

if ($_REQUEST["courseName"]=="Calculus")
{
	$sTableName="2014_w_cal";
}
elseif ($_REQUEST["courseName"]=="Linear")
{
	$sTableName="2014_w_la";
}
else 
{
	die("you must choose a course");
}

if (!isset($_REQUEST["examName"]))
{
	die("you must choose an exam");
}
else
{
	$sExamName=$_REQUEST["examName"];
}

if (!isset($_REQUEST["StudentID"]))
{
	die("you must input your student ID");
}
if (!isset($_REQUEST["icampus"]))
{
	die("you must input your icampus ID");
}

include(__DIR__."/../db.conf.php");
$sqlConnect = new mysqli($sServer,$sUser,$sPassword,$sDatabaseName);
$sqlConnect->query("SET NAMES 'UTF8'");

$sQuery = "select `student_number`,`name`,`icampus`,`midterm` from `".$sTableName."` where `student_number`=".$_REQUEST["StudentID"]." and `icampus`=\"".$_REQUEST["icampus"]."\" and `".$sExamName."`>0";
$sqlResult = $sqlConnect->query($sQuery);
$nStudentFound = $sqlResult->num_rows;
if ($nStudentFound==0)
{
	die("you have provided incorrect information. Please go <a href=\"javascript:history.back()\">back</a> and try again. ");
}
else
{
	$sQuery= "update `".$sTableName."` set `".$sExamName."_download`=1 where `student_number`=".$_REQUEST["StudentID"];
	$sqlConnect->query($sQuery);
	
	// set header to pdf
	header("Content-type:application/pdf");

	// set file location on server
	$sFileName=$sTableName."_".$sExamName."/".$_REQUEST["StudentID"]."_".$_REQUEST["icampus"].".pdf";

	// file name to download
	header("Content-Disposition:inline;filename='".$_REQUEST["StudentID"].".pdf'");
	
	// point to pdf file
	readfile($sFileName);	
}
?>
